Location: Remote (limited on-site presence at Braine L’Alleud, Belgium)
Duties & Roles
- Produce the CIS Description (CISD) documentation, addressing all NATO CIS components; coordinate with Service Delivery Managers (SDMs), network and security architects and other relevant Subject Matter Experts (SMEs) to ensure the complete and accurate description of the CIS.
- Conduct Security Risk Assessment (SRA) for the NATO CIS in scope; this includes the identification and assessment of risks in close coordination with NATO accreditation stakeholders (including technical and security authorities).
- In close coordination with the security accreditation support and the technical stakeholders, produce the Security Requirements Statements (SRSs) (System Specific and for the System Interconnections), which include evaluating the implementation of the security requirements as per the NATO security policies and directives, advise on mitigation and remediation recommendations for those security requirements partially implemented (or not implemented), and document these in the relevant accreditation documents (Security Requirements Statements (SRSs), SecOPs).
- Produce the Security Operating Procedures (SecOPs) in line with the NATO security policies and directives.
- Develop Security Tests and Verification Plans (STVP).
- Conduct Security tests in accordance with defined test plans and provide associate reporting.
- Support the development of mitigation and remediation plans, following the identification and assessment of cybersecurity risks for NISC managed CIS, specifically assessing the residual risks after the application of cybersecurity risk mitigation measures.
- Assist with complex remediation activities for the NATO CIS in scope of this SoW; conduct remediation activities in collaboration with the NCIA Service Delivery Managers.
- Ensure adequate level of systems/data protection is implemented for NISC managed CIS in accordance with NATO Security policies and directives.
Education, Experience and Training (essential)
1) Technical Proficiency:
The support for this work requires technical proficiencies as the development and execution of the following accreditation deliverables:
a. NATO CIS Security accreditation process
b. CIS Security Risk Assessments (SRA)
c. CIS Security Tests and Verifications (STV)
d. CIS Security Assessments (SA) remediation
A minimum of 2 years of experience with the security accreditation process are required, including development of security accreditation documents as listed above.
2) Problem-Solving Skills:
a. Strong troubleshooting skills to diagnose and resolve hardware, software, and network security issues.
b. Ability to guide users through problem-solving steps effectively.
3) Automation Skills:
a. Proficiency in automation to create workflows and automate repetitive processes.
b. Ability to identify and implement automation opportunities to enhance efficiency.
4) Communication and Interpersonal Skills:
a. Excellent verbal and written communication skills.
b. Full proficiency in English.
c. Ability to communicate technical information to non-technical users in a clear and concise manner.
A minimum of 2 years of work experience in an international environment are required.
5) Customer Service Orientation:
a. Strong customer service focus with a commitment to user satisfaction.
b. Patience and empathy when dealing with user issues and concerns.
6) Organizational Skills:
a. Ability to manage multiple support tickets and prioritize tasks effectively.
b. Attention to detail in documenting support activities and maintaining accurate records.
7) Team Collaboration:
a. Ability to work effectively as part of a team and share knowledge and resources.
b. Willingness to collaborate with colleagues to solve complex issues.
8) Others:
a. The candidate has strong customer relationship skills, including negotiating complex and sensitive situations under pressure.
b. The candidate must have the nationality of one of the NATO nations.